FAQ

To Whom Does the CCPA Apply?

The California Consumer Privacy Act (CCPA) applies to certain for-profit businesses that collect or have collected the personal information of California residents, whether or not those busi ...
November 28, 2023
FAQ

What is COSO?

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) was formed initially to enable the National Commission on Fraudulent Financial Reporting. It was founded by five s ...
November 28, 2023
FAQ

What is a SSAE 18 Audit?

The SSAE 18, or Statement on Standards for Attestation Engagements No. 18, auditing standards require that service organizations confirm and re-confirm third-party vendor certifications and ...
November 22, 2023
FAQ

What Is SOX Reporting?

In the early 2000s, corporate titans Enron, WorldCom, and Tyco became household names — thanks to huge accounting scandals at each one, ruining investors and employees alike and souring pu ...
November 21, 2023
FAQ

ISO Compliance vs. Certification: What’s the Difference?

ISO certification means that a third party has independently validated that an organization conforms to standards established by the International Organization for Standardization (ISO).  ...
November 6, 2023
FAQ

How Frequently Should You Audit for SOC 2?

After your first System and Organization Controls for Service Organizations 2 (SOC 2) report, you’ll most likely want to follow up every year with a new audit and report. But you can ...
October 31, 2023
FAQ

Do I Need a SOC 2 Report?

If your enterprise is a service provider that handles customer data, it should have a System and Organization Controls for Service Organizations 2 (SOC 2) report attesting to its SOC 2 com ...
October 31, 2023
FAQ

What Are NIST Controls and How Many Are There?

The National Institute of Standards and Technology is a U.S. government agency that publishes cybersecurity frameworks organizations can use to strengthen their internal controls and complia ...
October 30, 2023